package bog

class SecurityFilters {
    def filters = {

        loginCheck(controller:'thread', action:'*') {

            def allowed =  ['show', 'list']

            before = {
                if(!session.user && !actionName.equals('login') && !allowed.contains(actionName)) {
                    redirect(controller: "user", action: "login",
                            params: ["cName": controllerName,
                                    "aName": actionName])
                    return false
                }
            }
        }


        loginCheck(controller:'course', action:'*') {

            def allowed = ['show', 'list']

            before = {
                if(!session.user && !actionName.equals('login') && !allowed.contains(actionName)) {
                    redirect(controller: "user", action: "login",
                            params: ["cName": controllerName,
                                    "aName": actionName])
                    return false
                }
//                else if (session.user && session.user.type != 'Admin') {
//                    redirect(controller: "index", action: "index")
//                }
            }
        }

        loginCheck(controller:'tag', action:'*') {

            def allowed = ['show', 'list']

            before = {
                if(!session.user && !actionName.equals('login') && !allowed.contains(actionName)) {
                    redirect(controller: "user", action: "login",
                            params: ["cName": controllerName,
                                    "aName": actionName])
                    return false
                }  else if (session?.user?.type != 'Admin') {
                    redirect(controller: "index", action: "index")
                }
            }
        }


    }
}
